Director - Cyber Defense / SOC

Job Description

We are seeking an experienced Director of Cyber Defense to lead and enhance ourorganization s cybersecurity capabilities. This role is responsible for overseeing the Security Operations Centre (SOC), Attack Surface Management, Incident Response and Crisis Management, and Dark Web Monitoring. The ideal candidate must have solid Cyber Defense practitioner experience and a proven track record of 15+ years in Cyber Security, with 5+ years leading cybersecurity teams and driving strategic security initiatives. Key Responsibilities Lead and mature the 24/7 Security Operations Centre (SOC) to detect, analyze, and respond to cyber threats in real-time. Establish playbooks, escalation procedures, and cross-functional coordination for handling critical security incidents. Dive deep into technical aspects of escalated incidents, in partnership with other Cyber Defense leads and cross functional peers Direct Incident Response (IR) and Crisis Management efforts, ensuring rapid containment, mitigation, and recovery from cyber incidents. Lead forensic investigations and post-incident reviews to improve security posture and prevent recurrence. Oversee Attack Surface Management to continuously assess, monitor, and reduce the organization s exposure to cyber risks. Oversee Dark Web Monitoring initiatives to identify and assess leaked credentials, insider threats, and external attack indicators. Collaborate with Threat Intelligence teams to track adversary tactics, techniques, and procedures (TTPs). Develop and execute a Cyber Defense strategy, aligning security operations with business objectives. Manage, mentor, and grow a team of cybersecurity professionals across SOC and Cyber Defense functions. Partner with IT, Risk, Legal, and Compliance teams to ensure alignment with security frameworks and regulations. Present key cyber risk metrics, threat trends, and program updates to executive leadership. Qualifications Experience 15+ years of overall experience including 5+ years leading cybersecurity teams in SOC and/or Cyber Defense Strong leadership and crisis management skills with experience handling major security incidents and executive-level communications. Deep expertise in MITRE ATTCK, threat intelligence frameworks, adversary emulation, and digital forensics. Proficiency working with cloud service providers such as AWS, Azure, GCP and must be able to demonstrate ability to effectively conduct IR on incidents within these cloud environments Proficiency in SIEM, SOAR, EDR/XDR Experience implementing cyber defense strategies in large-scale enterprise environments. Familiarity with regulatory requirements and compliance frameworks (NIST, CIS, ISO 27001, GDPR, etc). Strong knowledge of offensive security techniques and how to defend against them. Preferred Certifications CISSP, CISM, GIAC (GCTI, GCIH, GCFA, GNFA, GDAT), CCSP, or equivalent. AWS/Azure/GCP Security certifications are a plus